Advertisement
Tencent security team found a way to eavesdrop through an Amazon Echo
It’s not easy… and Amazon says the flaw has been fixed
Reading Time:2 minutes
Why you can trust SCMP
0
This article originally appeared on ABACUS
Alexa hasn’t always been the best listener. Devices running on Amazon’s voice assistant are known to have confused background noise as user commands, prompting them to laugh inappropriately -- and in one case, send a recorded private conversation to a random contact.
To be clear, Alexa wasn’t spying on anyone in those instances. But it hasn’t stopped people from wondering if it’s possible for hackers to break in and eavesdrop through these devices.
At the DefCon security conference in Las Vegas over the weekend, a team of security researchers from Tencent demonstrated a way to remotely control an Amazon Echo, directing it to quietly record and transmit audio to an attacker.
The Tencent Blade Team exploited software on the smart speakers that allows devices to communicate with each other. By rewriting the firmware on the flash chip, an Echo can be used to hack into other Echoes -- but only if the devices share the same Wi-Fi network.
That means it might be harder to use this hack to target average home users, whose Echoes are likely connected to a password-protected Wi-Fi network. At the same time, as Wired points out, this could leave Echoes in schools, hotels and other places with shared passwords at higher risk.
Advertisement